toc
Python SDK
A full reference of our Python SDK.
You can use our Python SDK to:
- Encrypt data at your server
- Run your Cages
- Encrypt/decrypt data with Relay
You can use our Python SDK to encrypt data — rather than with Relay — and still send it to a third-party via Relay. Encrypting with our backend SDKs is best for developers who want to avoid the network latency of Relay and/or want to avoid sending plaintext data to Relay to be encrypted.
Encrypting data with our backend SDKs instead of Relay may expose you to greater compliance burden because plaintext data touches your server before it is encrypted.
You don’t need to change your database configuration. You can store Evervault-encrypted data in your database as you would the plaintext version.
Installation
Our Python SDK is distributed via pypi, and can be installed using pip
.
bashpip install evervault
Initialization
The Evervault Python SDK will automatically route all outbound HTTPS requests through Relay for decryption by overriding your default HTTP Agent in the requests
library. To disable this behaviour, set intercept
to false
in the initialization options.
pythonimport evervault# Initialize the client with your team’s API keyevervault.init('<YOUR_API_KEY>')# Encrypt your dataencrypted = evervault.encrypt({ 'name': 'Claude' })# Process the encrypted data in a Cageresult = evervault.run('hello-cage', encrypted)
Reference
The Evervault Python SDK exposes three functions:
evervault.init()
evervault.encrypt()
evervault.run()
evervault.init()
evervault.init()
initializes the SDK with your API key. Configurations for the interception of outbound requests may also be passed in this function.
pythonevervault.init(api_key = str[, intercept = bool, ignore_domains = list, retry = bool, curve = str])
Parameter | Type | Description |
---|---|---|
api_key | str | The API key of your Evervault Team |
intercept | bool | Route outbound requests through Evervault to automatically decrypt encrypted fields. |
ignore_domains | list(str) | Requests sent to any of the domains in this list will not be intercepted |
retry | bool | Retry failed Cage operations (maximum of 3 retries; False by default) |
curve | str | The elliptic curve used for cryptographic operations. See Elliptic Curve Support to learn more. |
We provide two curve
options. You can set them as follows:
curve = evervault.Curves.SECP256K1
orcurve = evervault.Curves.SECP256R1
evervault.encrypt()
evervault.encrypt()
encrypts data for use in your Cages. To encrypt data at the server, simply pass a dict
or string
into the evervault.encrypt()
function. Store the encrypted data in your database as normal.
pythonevervault.encrypt(data = dict | string)
Parameter | Type | Description |
---|---|---|
data | dict or string | Data to be encrypted. |
evervault.run()
evervault.run()
lets you invoke a Cage with a given payload.
pythonevervault.run(cage_name = str, data = dict[, options = dict])
Parameter | Type | Description |
---|---|---|
cage_name | string | Name of the Cage to be run. |
data | dict | Payload for the Cage. |
options | dict | Options for the cage run. |
Options | Type | Default | Description |
---|---|---|---|
async | Boolean | False | Run your Cage in async mode. Async Cage runs will be queued for processing. |
version | Integer | None | Specify the version of your Cage to run. By default, the latest version will be run. |